QSearchQSearch

CVE-2021-3176

8.0 HIGH

The chat window of the Mitel BusinessCTI Enterprise (MBC-E) Client for Windows before 6.4.15 and 7.x before 7.1.2 could allow an attacker...

Published: 2021-01-29 · Last updated: 2026-06-17

Severity and scoring

CVSS
8.0 HIGH
Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
CWE
CWE-20

Affected products

VendorProduct
mitelbusinesscti_enterprise

Description

The chat window of the Mitel BusinessCTI Enterprise (MBC-E) Client for Windows before 6.4.15 and 7.x before 7.1.2 could allow an attacker to gain access to user information by sending certain code, due to improper input validation of http links. A successful exploit could allow an attacker to view user information and application data.

Source: NVD

References

Related CVEs

Same vendor

  • CVE-2021-3352 The Software Development Kit in Mitel MiContact Center Business from 8.0.0.0 through 8.1.4.1 and 9.0.0.0 through 9.3.1.0 could allow an u... (9.1 CRITICAL)
  • CVE-2018-3639 Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior ... (5.5 MEDIUM)

Same CWE

  • CVE-2026-12191 A vulnerability was found in Comma AI Openpilot 0.11 (7.8 HIGH)
  • CVE-2026-45013 ApostropheCMS is an open-source Node.js content management system (8.1 HIGH)
  • CVE-2026-54133 jmespath.php allows users to use JMESPath, software for declaratively specifying how to extract elements from a JSON document, in PHP app... (9.8 CRITICAL)
  • CVE-2026-47196 Quest Bot is an opensource Discord Bot
  • CVE-2026-50633 A JNDI Injection vulnerability has been discovered in Apache CXF's JCA integration module, which can allow for code execution, if an atta... (8.1 HIGH)